ShakeMyHand

@codewithimanshu it’s platform agnostic. It works for all types of communication. Email, video chats, text messages, phone calls, etc. The point of the app is that you and the other side (a friend, a colleague, a family member, etc) use ShakeMyHand to generate a shared pass phrase that unique to just the two of you and that regenerates often (like those 6 digit pass codes you generate with an authenticator app). Then, whenever you need to validate your friends identity (because he just send you a payment request for example), you ask your friend for the current pass phrase and you check ShakeMyHand if it matches. If your friend gives you the correct pass phrase you can be pretty sure its your friend making the request.

@codewithimanshu @fluxmatix 2fa for humans!

@codewithimanshu @sentry_co exactly!

@codewithimanshu @fluxmatix if they are sending the message through their whatsapp/email I don't understand how AI plays a role here? If they are hacked it's fake but if it's not hacked it's surely them. I understand the idea using a phonecall from an unknown number? Is that the only use case?

@codewithimanshu @fluxmatix This still has a lot of back and forth. This can hinder adoption. The concept is great, but the TG that has patience & tech savviness to do these extra steps would be smart enough to differentiate genuine vs fraud in 95% scenarios. Major challenge is where people aren't that tech savvy, (imagining someone like my parents), for them, imagining them to do these extra steps seems difficult. Just my thoughts. There is definitely a need gap that you have identified.

@abracadabrawork Good questions. The short answer is: no, the app won't do any automatic verification or put a checkmark next to a WhatsApp message for example. Once you've paired with a contact, both parties' apps will generate the same passphrase at any given moment. Here's how that adds a layer of security: 1. Manual Verification: When you receive a communication you want to verify, you can request the current passphrase from the sender. If the passphrase they provide matches the one on your app, you can trust the communication is authentic. So this is a manual process. 2. Proactive Sharing: Alternatively, when sending a message or email, you can include the current passphrase. The recipient can then cross-reference it with their app, confirming your identity. This method differs from the phone call in your example because theoretically, you'd ask your contact for the passphrase during said phone call to make sure your contact is the real deal and not some clever scammer with an AI voice modifier (in the case of a phone call).

@fluxmatix thank you for your answer

@archiemax My family is dealing with it quite a bit. Fathers receiving messages from their 'daughter' that they've lost their phone and need money 'urgently' for a new one. Also in my team at my company people slack me for credentials, permissions, etc. and I always have to ask them to confirm their request through a secondary channel for verification. It's just a little messy.

@fluxmatix yeah than your solution is definitely useful. I'll definitely bookmark this so I can come back to it once I need it.

Hi @rrhoover. "In prep for our genAI/synthetic future" -> this was my thought exactly. The problem is still relatively small but will get bigger and bigger over time. And I completely agree with the life insurance and will analogy. But once it happens, it's painful and you will want to make sure it never happens again. Unless you're very security-conscious and can see these things becoming an issue for you ahead of time. I'm personally one of those people and I am sure there are many more out there. Those will be the early adopters of tools like ShakeMyHand. And just like AI will become more front and center in people's daily lives, so will the tools that are needed to counteract its negative side effects. Happy to share the road map and continue this conversation privately (Twitter dm?)

Hi @rrhoover. Send you a DM on twitter ✌🏼

@jacob_boston Yes, both sides need the app. Currently the app is only available in English. Is this a problem?

@fluxmatix Thinking back to my first time studying overseas there were a lot of spam emails/calls that I received and was too unfamiliar in English to distinguish. Non native speakers would be a great audience for using your service.

@esus thanks 😊

@hans_p thanks 😊